General discussion

  • Creator
    Topic
  • #2341864

    DNS+Domain Name System Security Extensions (DNSSEC)+DNSCrypt

    Locked

    by drgaryms ·

    Tags: 

    DNSSEC has been around for many years with a very slow adoption rate and clearly security researchers are divided in two camps where people against it advise that DNSSEC is dead, extremely complex, privacy concerns, but on the other hand who are able to successfully implement it promote aggressively. Why not? as if we cannot trust the DNS, we shouldn’t be trusting the web at all. This paper discusses what is DNS, how DNSSEC helps in improving integrity of the web, how it protects from DNS spoofing and other attacks, what are the arguments in favor and against DNSSEC which includes attacks agains DNSSEC also, and in the end discusses how DNSCrypt could help organizations securing the “last mile” of the DNS lookup.

All Comments